About MFA the Browser Extension for Firefox and Chromium

Tedium of entering the MFA code into MongoDB every day!



In this post...

Overview

The MFA (Multi-Factor Authentication Assistant) browser extension is designed to streamline the often-tedious process of multi-factor authentication. It retrieves the MFA code sent to your email and automatically fills in your authentication form, saving you from the hassle of manually handling the following steps:

  1. Clicking the "Send Code" button.
  2. Opening your email to find the code.
  3. Waiting for the email to arrive and copying the code.
  4. Returning to paste the code into the form.

Maybe that doesn't sound like much, but I was getting hugely tired of developing into the evening while logged into MongoDB's Atlas UI and then starting the next morning only to find that I yet again needed to re-authenticate (which wouldn't be a problem if it weren't for the extra requirement of MFA...) One day I really dug into the settings searching for the toggle switch that would extend time login timeout but ultimately was unable to find any such life saver... I guess the joke will be on me if I find out that the setting does in fact exist. Regardless, this was a fun little project, so there's that.

The MFA extension retrieves and auto fills your MFA code!

Key Features

  • Automated MFA Code Retrieval: The extension uses OAuth (read-only access) to your specified Gmail address to fetch MFA codes. This ensures that the retrieval process is secure and seamless.
  • Email Forwarding Compatibility: You can set up email forwarding to a less privileged email account if it suits your security needs better or even use a secure hosted email MFA email.
  • Client-Side Operation: All operations are performed by default on the client side, with no backend server involvement, ensuring that your authentication credentials remain secure and private.
  • Short-Term Authentication: The extension maintains authentication with Google for up to an hour (yes, yes, I know... what's the point right... well actually it is still easier because autofill of passwords is already being done, so now it's just extra clicks, but see the next point...).
  • Long-Term Authentication (Optional): For those requiring longer offline access, a Cloudflare Worker is used to obtain a refresh token from Google, minimizing the need for frequent re-authentication and maintaining your development workflow with less interactivity.
  • Open Source: The code for this extension is open source, providing transparency and allowing you to verify the security of the extension. As well, it's my hope that others have different workflows but with the same shared pain-point because adding additional code for those should be a breeze.
Option to forward MFA emails to a secure hosted MFA+ email address

How It Works

  1. Setup: Install the Chrome Extension MFA (Multi-Factor Authentication Assistant) from the Chrome Web Store, Edge-Addons, Firefox, or via GitHub releases (side-loaded).
  2. OAuth Authentication: Authorize the extension to access your Gmail account using OAuth. This access is read-only and only used to retrieve MFA codes.
  3. Email Forwarding (Optional): If desired, set up email forwarding from your primary MFA email account to another less privileged email account for added security or use the secure hosted email endpoint provided in the extension.
  4. Automatic Code Retrieval: When an MFA code is sent to your email, the extension automatically retrieves it and fills in the authentication form for you.
  5. Session Maintenance: The extension maintains authentication with Google for up to an hour. For longer periods, you can use the refresh token option with a Cloudflare Worker.

Security

  • Client-Side Operation: The extension operates entirely on the client side, with no backend server processing your authentication credentials.
  • Read-Only OAuth Access: The extension uses read-only access to your Gmail account, ensuring that it cannot alter or delete any emails.
  • Transparency: As an open-source project, the extension's code is available for review, allowing you to inspect and verify its security measures.

Benefits

  • Time-Saving: Eliminates the need to manually retrieve and enter MFA codes, saving you valuable time and reducing the risk of errors.
  • Increased Productivity: Streamlines your workflow, especially useful for developers and professionals who frequently need to authenticate.
  • Enhanced Security: By automating the process and reducing manual handling, it minimizes the risk of exposing your MFA codes to potential threats.

Getting Started

  1. Install the Extension: Download and install the Browser Extension MFA (Multi-Factor Authentication Assistant) from the Chrome Web Store, Edge-Addons, Firefox, or via GitHub releases (side-loaded).
  2. Configure Email Forwarding (Optional): If desired, set up email forwarding to another account.
  3. Authorize Gmail Access: Follow the prompts to authorize the extension to access your Gmail account via OAuth.
  4. Enjoy Seamless MFA: Let the extension handle the retrieval and input of MFA codes, enhancing your security and productivity.

Support and Feedback

For support, feedback, or to contribute to the project, visit our GitHub repository. Your input is valuable and helps us improve the extension for everyone.

Conclusion

The MFA (Multi-Factor Authentication Assistant) browser extension is a powerful tool designed to make multi-factor authentication effortless. With automated code retrieval, client-side operation, and optional long-term authentication, it enhances your security while saving you time. As an open-source project, it provides transparency and security you can trust. Install it today and experience the convenience and peace of mind it offers.